Re: [patch] Fix up l1ft documentation was Re: Taking a break - time to look back

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Pavel Machek <pavel@ucw.cz>
To: Thomas Gleixner <tglx@linutronix.de>
Cc: corbet@lwn.net, LKML <linux-kernel@vger.kernel.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	x86@kernel.org, Peter Zijlstra <peterz@infradead.org>,
	Jiri Kosina <jkosina@suse.cz>,
	Josh Poimboeuf <jpoimboe@redhat.com>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	Andy Lutomirski <luto@kernel.org>,
	Greg KH <gregkh@linuxfoundation.org>,
	Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
	David Woodhouse <dwmw2@infradead.org>,
	Tom Lendacky <thomas.lendacky@amd.com>,
	Paolo Bonzini <pbonzini@redhat.com>,
	Joerg Roedel <joro@8bytes.org>, Tony Luck <tony.luck@intel.com>,
	Salvatore Bonaccorso <carnil@debian.org>,
	linux-doc@vger.kernel.org
Subject: Re: [patch] Fix up l1ft documentation was Re: Taking a break - time to look back
Date: Mon, 11 Mar 2019 14:13:41 +0100	[thread overview]
Message-ID: <20190311131341.GA28223@amd> (raw)
In-Reply-To: <alpine.DEB.2.21.1903111403330.1691@nanos.tec.linutronix.de>

[-- Attachment #1: Type: text/plain, Size: 4263 bytes --]

On Mon 2019-03-11 14:05:07, Thomas Gleixner wrote:
> On Mon, 11 Mar 2019, Pavel Machek wrote:
> > On Thu 2019-01-03 00:51:52, Pavel Machek wrote:
> > > Hi!
> > > 
> > > > The next round of speculation-related issues including the scary L1TF
> > > > hardware bug was a way more "pleasant" experience to work on. While for
> > > > obvious reasons the mitigation development happened behind closed doors in
> > > > a smaller group of people, we were at least able to collaborate in a way
> > > > which is somehow close to what we are used to.
> > > 
> > > Ok, I guess L1TF was a lot of fun, and there was not time for a good
> > > documentation.
> > > 
> > > There's admin guide that is written as an advertisment, and
> 
> What's advertisement there?

"No problem here, no performance issues, nothing to be seen unless you
are running VM."

> > > unfortunately is slightly "inaccurate" at places (to the point of
> > > lying).
> 
> Huch? Care to tell what's a lie instead of making bold statements?

Take a care to look at the patch I submitted?

Lie:

# A system with an up to date kernel is protected against attacks from
# malicious user space applications.

3GB system running 32bit kernel is not protected. Same is true for for
really big 64bit systems.

If I do what dmesg suggests, this becomes untrue:

# The Linux kernel contains a mitigation for this attack vector, PTE
# inversion, which is permanently enabled and has no performance
# impact.

Limiting memory to 2GB _is_ going to have severe perfomance impact.

								Pavel

commit 9664b4dabdb132433a6843aefe05814953f1342f
Author: Pavel <pavel@ucw.cz>
Date:   Thu Jan 3 00:48:40 2019 +0100

    Ok, I guess L1TF was a lot of fun, and there was not time for a good
    documentation.
    
    There's admin guide that is written as an advertisment, and
    unfortunately is slightly "inaccurate" at places (to the point of
    lying).
    
    Plus, I believe it should go to x86/ directory, as this is really
    Intel issue, and not anything ARM (or RISC-V) people need to know.
    
    Signed-off-by: Pavel Machek <pavel@ucw.cz>

diff --git a/Documentation/admin-guide/l1tf.rst b/Documentation/admin-guide/l1tf.rst
index 9af9773..05c5422 100644
--- a/Documentation/admin-guide/l1tf.rst
+++ b/Documentation/admin-guide/l1tf.rst
@@ -1,10 +1,11 @@
 L1TF - L1 Terminal Fault
 ========================
 
-L1 Terminal Fault is a hardware vulnerability which allows unprivileged
-speculative access to data which is available in the Level 1 Data Cache
-when the page table entry controlling the virtual address, which is used
-for the access, has the Present bit cleared or other reserved bits set.
+L1 Terminal Fault is a hardware vulnerability on most recent Intel x86
+CPUs which allows unprivileged speculative access to data which is
+available in the Level 1 Data Cache when the page table entry
+controlling the virtual address, which is used for the access, has the
+Present bit cleared or other reserved bits set.
 
 Affected processors
 -------------------
@@ -76,12 +77,14 @@ Attack scenarios
    deterministic and more practical.
 
    The Linux kernel contains a mitigation for this attack vector, PTE
-   inversion, which is permanently enabled and has no performance
-   impact. The kernel ensures that the address bits of PTEs, which are not
-   marked present, never point to cacheable physical memory space.
-
-   A system with an up to date kernel is protected against attacks from
-   malicious user space applications.
+   inversion, which is permanently enabled and has no measurable
+   performance impact in most configurations. The kernel ensures that
+   the address bits of PTEs, which are not marked present, never point
+   to cacheable physical memory space. On x86-32, this physical memory
+   needs to be limited to 2GiB to make mitigation effective.
+
+   Mitigation is present in kernels v4.19 and newer, and in
+   recent -stable kernels.
 
 2. Malicious guest in a virtual machine
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]

next prev parent reply	other threads:[~2019-03-11 13:13 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-12-20  0:46 Taking a break - time to look back Thomas Gleixner
2018-12-20  5:26 ` Willy Tarreau
2019-01-02 23:51 ` [patch] Fix up l1ft documentation was " Pavel Machek
2019-03-11 10:21   ` Pavel Machek
2019-03-11 13:05     ` Thomas Gleixner
2019-03-11 13:13       ` Pavel Machek [this message]
2019-03-11 22:31         ` Thomas Gleixner
2019-03-12 11:57           ` Pavel Machek
2019-03-24 20:41             ` Thomas Gleixner
2019-08-28 22:18               ` Pavel Machek
2019-03-11 14:38     ` Jonathan Corbet

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:9af9773 dfblob:05c5422 )
 OR (
bs:"Re: [patch] Fix up l1ft documentation was Re: Taking a break - time to look back" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190311131341.GA28223@amd \
    --to=pavel@ucw.cz \
    --cc=carnil@debian.org \
    --cc=corbet@lwn.net \
    --cc=dave.hansen@linux.intel.com \
    --cc=dwmw2@infradead.org \
    --cc=gregkh@linuxfoundation.org \
    --cc=jkosina@suse.cz \
    --cc=joro@8bytes.org \
    --cc=jpoimboe@redhat.com \
    --cc=konrad.wilk@oracle.com \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@kernel.org \
    --cc=pbonzini@redhat.com \
    --cc=peterz@infradead.org \
    --cc=tglx@linutronix.de \
    --cc=thomas.lendacky@amd.com \
    --cc=tony.luck@intel.com \
    --cc=torvalds@linux-foundation.org \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.